What is Squid?
Squid is a caching proxy server for the web.
Whether you’re using it at home for just a few machines, or at an office for thousands of machines, it’s reliable, can help save bandwidth, and most importantly is relatively simple to get running.
- Xcode Tools must be installed, as you will be compiling Squid from its source code. Xcode Tools is available on you Mac OS X Install discs, and also from http://developer.apple.com/
- Knowledge of the command line interface
- Administrator access
Installation and Configuration
1. Download the Squid source code from here: http://www.squid-cache.org/. Follow the links and download the latest stable release. This guide was written for Squid v3.0 Stable 19 (.tar.gz download), but later versions will most likely follow the same process.
2. Open Terminal and cd to the location you downloaded the file to:
3. Extract the archive:
tar zxvf squid-3.0.STABLE19.tar.gz
4. Go into the squid source code directory:
5. Run the configure script, with the location of the squid installation. I always use the below, because it separates the squid install into a specific directory instead of sprawling files all over the system (which makes it harder to remove later, if you need to)
6. Compile squid with the following command:
7. Install squid with the following command:
sudo make install
8. Now that squid is installed, it needs some configuring:
9. Edit the default configuration file:
sudo vi squid.conf
10. Add an ACL to allow all hosts on your network to use squid. Locate the line:
http_access allow localnet
Add the following line above it:
http_access allow all
11. Set the cache_dir (the location to store the cache files). Locate the line:
# cache_dir ufs /usr/local/squid/var/cache 100 16 256
Uncomment the line, and change the path to one of your choosing. E.g.:
cache_dir ufs /Volumes/Misc/var/cache 5000 16 256
12. The default maximum_object_size is 4MB. This means squid will only cache files smaller than 4MB. Not very helpful if you’re downloading large files (specifically, software updates). Locate the line:
# maximum_object_size 4096 KB
Change the line to something more appropriate for your needs. E.g.:
maximum_object_size 214096 KB
13. By default, squid will allow go into a “shutdown pending” mode if it receives a SIGTERM or SIGHUP. This tends to make the Mac shutdown process pause for some time while it waits for Squid to exit. I’ve worked around this by changing this line:
# shutdown_lifetime 30 seconds
shutdown_lifetime 2 seconds
14. Set other options as necessary.
15. Ensure the cache directory exists, and that permissions are correct. By default, squid will run as “nobody”, so the cache directory and those under it need permission to access it.
sudo mkdir cache
sudo chown -R nobody:nobody cache
16. Ensure the log directory exists, and that permissions are correct. Squid will be logging to /usr/local/squid/var/logs.
sudo mkdir /usr/local/squid/var/logs
sudo chown nobody /usr/local/squid/var/logs
17. Start squid for the first time manually. This is required in order for it to create the necessary cache directories:
sudo ./squid -z
18. Squid will create the cache directories and then exit.
19. Start squid in the foreground and test it out. Configure a web browser to use the proxy server localhost:3128, then run squid again:
20. If you can access the web via the proxy, then you’re all set. Otherwise, review settings and check the logs (/usr/local/squid/var/logs/ – cache.log and access.log)
21. Stop squid, as we’ll now configure it to run at startup:
sudo ./squid -k shutdown
ps -ef | grep squid
22. Download this file: http://maxpowerindustries.com/files/org.squid.squid.plist
23. Locate the file and copy it to /Library/LaunchDaemons.
24. Fix permissions on the startup item:
sudo chown -R root:wheel Squid
sudo chmod 644 org.squid.squid.plist
25. Restart your Mac and confirm that Squid is running once it starts back up. Open Terminal, and run:
ps -ef | grep squid
26. Configure other machines on your network to use Squid.
That’s pretty much it for a basic config on Mac OS X for a home user. It’s functional, but by no means completely secure and optimised.
Its worth configuring squid log rotations as well, since the logs can grow quickly. Setting up a cron job to run ‘/usr/local/squid/sbin/squid -k rotate’ will overcome this. If you want to archive the logs, you might want to set up your own scripts to do this.